China and the World of Business • China Business and the World

Steven Schwankert of Village Grouch fame wrote an excellent piece for IDG (picked up here in The Washington Post) describing how Chinese fans seeking to download illegal copies of Ang Lee’s excellent film “Lust, Caution” are finding on their hard drives not a copy of the film, but with software that pops a nasty little trojan virus into their systems.

There are several interesting aspects to this story.

Virus? What Virus?

First, it was apparently found and addressed by Kaspersky Lab and Rising Software well before it came up on the collective radar screens of Symantec, McAfee, and TrendMicro. One wonders why this is the case, particularly given that Symantec and McAfee tout the value of their software in part based on their global scanning for viral threats. I am especially concerned about TrendMicro, who have a huge presence in China and who make a great deal about their expertise as an “Asian” security company.

It also suggests that the malware threat in China is growing and diversifying. From dorm rooms filled with budding software engineers, to the challenges facing the country’s law enforcement teams, to the quiet but rapid growth of China’s cyberwar military-industrial complex, the country has become as much a haven and spawning ground for creators and distributors of Malware as the United States or any other country. This would seem to argue for greater investment by the computer security vendors in local labs who can not only find but anticipate new threats.

As an aside, it would also seem that companies like Symantec are destined to become major defense contractors. But we digress.

The Empire Strikes Back

Second, it seems that Hollywood (including the music and TV people as well as the film side of the business) and the software industry may have inadvertently discovered a way to slow online piracy and perhaps even the growth of downloaded content. All the studios – or, better yet, the MPA and the Business Software Alliance – need to do is hire a few good hackers to come up with some particularly nasty viruses and spread them around online disguised as illegitimate digital copies of random applications, movies, and music files.

Sure, the viruses would not deter the most determined or careful downloaders, and the anti-virus companies would inevitably come up with fixes. But imagine, for a moment, the fear, uncertainty, and doubt this would wreak among the less-expert. The mere possibility that these files would include viruses would be enough to drive a lot of marginal downloaders away from illegitimate downloading (and probably a few away from legit downloads as well).

Naturally I would expect clearer heads in the PR and legal departments of these organizations to prevail, ensuring that neither Hollywood nor the software industry would ever actually subsidize – or even publicly condone such practices. But you can easily imagine how such an option must tempt some people in places like Redmond and in the Black Tower.

Indeed, if the matter of digital rights management has proven anything, it has proven that Hollywood and many large software concerns believe that extremism in the defense of intellectual property is no vice, and that goodwill is readily sacrificed in that battle. If anything will keep hackers from high-powered lunches at the Ivy or the Fulton Fish market, it is the fear of court costs.

Nonetheless, it is fascinating, if not a bit disconcerting, to think that there is a commonality of interest between the creators of malware and the creators of movies.

Engineer, Engage the FUD Pump

What I do expect is that the IPR-driven industries will kick into gear a semi-coordinated propaganda effort to ensure that stories like the “Lust, Caution” become as widely known as possible, so that the threat is seen as being far larger and more serious than it really is. This costs them little, supports their goals magnificently, and enables the studios and developers to position themselves as defenders of the public interest.

Which, frankly, is the smarter way to handle it. You steal, you pay. Or, you pay, we protect.

For all the failings implicit in Hollywood’s approaches to the IPR issue and digital entertainment, let’s not lose sight of the most important fact – downloading illegal files is theft, theft is wrong, and anyone who does so willfully probably deserves a hard drive filled with malware.